DataMixx Privacy Policy
March 2020
DataMixx Ltd (DML) is a full service media agency that collects data from a number of partners to help our clients accurately target their advertising, and other purposes as detailed in this policy.
We are committed to respecting your privacy and being transparent about how we collect your personal data, how we use your data, how we keep your data safe and your rights to access, amend, object or delete the data we hold about you.
We take our accountability for your data very seriously so if you feel there is a question that is not answered here, or if you would like more information about how we process your data, you can contact us at any time by emailing or writing to
DataMixx Ltd
The Old Barn, Lower Eashing
Godalming, Surrey
GU7 2QF
Scope
This privacy policy explains how we process data provided to us by our data partners and covers the following areas:
Where do we get your data from?
What type of data we hold about you?
What is our lawful basis for processing your data?
Your rights in controlling how we use your data.
Where do we get your data from?
We compile our database using carefully vetted partners who have collected your data through:
-
Online Competitions
-
Online Comparison Websites
-
Online Lifestyle Clubs
-
Online Offer websites
As an ethical company, DataMixx only works with partners we think you can trust with your data. In each case we ensure that our partners have collected your data fairly and compliantly and that you have been informed that your data will be shared with DataMixx (normally in their own privacy policy). In addition, we ensure that they have been clear and transparent about the purposes for which DataMixx will use your data.
You have a right to withdraw your consent or object to our processing of your data under our and our service providers legitimate interest at any time by contacting us using the details at the top of this policy.
A full list can be supplied on request
What type of data we hold about you?
We only hold personal data about you that you have provided to our data partners. This includes names, addresses, emails, telephone numbers, dates of birth, lifestyle and demographic data.
We do not hold or process any sensitive data about you such as:
-
Financial data
-
Credit scores
-
Health information
-
Political preferences
-
Religious preferences
-
Sexual preferences
-
Data relating to children
What do we use your data for?
Your data is used by our clients for the following purposes:
-
The sending of relevant marketing communications - to help our clients decide whether or not marketing communications will be relevant to you
-
Verification and enhancement of customer and marketing databases - to help our clients keep their own databases up to date and to add extra information to help them make better decisions about how and when to communicate with you
-
Enhance targeting relevance through market research, analysis, segmentation and profiling - to provide relevant and targeted marketing to consumers by preferred channel. The data that we provide to our Clients and Services Providers may be added to the information that they already hold about you. As an example, a car insurance company will check whether you have been a customer of theirs before. This is to ensure that they provide the right types of products, services and pricing to you.
-
Identity verification, credit and risk management, revenue collection, database tracing activities - to help our clients protect you – and themselves – from financial harm such as fraud or identity theft.
Who do we share your data with?
Your data may be used by our clients and their brands in the following areas:
-
Automotive – car dealerships and manufacturers
-
Careers and Education – job opportunities, college course details
-
Charity – volunteering, events
-
Entertainment and Leisure – sporting events, local activities
-
FMCG – supermarkets, pharmacies
-
Finance – bank accounts, credit cards, loans, mortgages, investments, pensions and savings
-
Insurance – car warranties, home insurance, life insurance, pet insurance, private medical insurance, travel insurance, vehicle insurance
-
Legal Services – PPI claims, will writing
-
Lifestyle – health and beauty, fitness
-
Marketing and Surveys – market research, consumer surveys
-
Public Sector – local information and services
-
Publishing and Media – TV services, magazine subscriptions
-
Property – home improvements, estate agencies
-
Retail – clothing and fashion, food and drink, home furnishings, online retail
-
Telecoms – broadband and internet services, mobile phone contracts
-
Travel – airlines, holidays, hotels, travel bookings
-
Utilities – electricity and gas providers, solar power, water suppliers, energy saving solutions
Services Providers
In addition, we may supply some or all of your data, under strict licensing terms to Services Providers (which may include companies that specifically provide marketing services) who will use it to create products and services to help organisations better understand the likely characteristics of their customers; communicate with them more effectively; and find others like them across a range of marketing channels. This means that you receive advertising that is more relevant to you via direct mail/telemarketing/email or when you visit a website. Some Services Providers use the data we supply to help their clients with fraud prevention, tracing and ID verification – more details can be found in their privacy policies linked below.
The Services Providers we work with are limited to only those organisations who we have completed checks on and who will only process personal data in compliance with all relevant privacy laws, regulations and guidance.
They may use your data in the following ways:
-
To create targeted advertising products and services for their clients
-
To help prevent fraud
-
To help organisations better understand the likely characteristics of their customers
-
To communicate with customers more accurately and effectively
-
To find customers like them across a range of marketing channels.
-
To ensure secure data storage and campaign transmission
-
To ensure data accuracy and viability
A full list of our Services Providers and Clients can be found here
What is our lawful basis for processing your data?
We process your data for marketing purposes under the consent you have provided to our data partners when they collected your data. If you wish to withdraw your consent please contact us and we will globally suppress your details from receiving any further third-party marketing, within 24hrs.
For some processing we rely on our legitimate interest as a business or those of a third-party, provided those interests are not outweighed by your interests, fundamental rights and freedoms.
In each of our data partner’s privacy policies, DataMixx is highlighted as a designated third-party with whom your data will be shared under the data partner’s legitimate interest particularly for fraud prevention, tracing and ID verification. We further process your data for use by our Services Providers under our legitimate interest as a business to provide your data for these purposes.
In specific situations, we may process your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests.
You have the right to object to this processing and if you wish to do so please inform us by emailing or by using any of the other contact details at the beginning of this policy.
How long do we keep your data?
We only retain information for as long as it is required for the purpose(s) for which we legitimately use it, or for longer periods if required for legal and regulatory reasons. The period for which we use personal data can vary depending on the contract terms with our data partners.
If we are asked to delete personal data from our files, we fulfil the request within 24 hours. In addition, we will inform the data partner who provided the information to delete it within 7 days and ensure our Services Providers delete the record within 14 days.
How do we keep your data safe?
We take our obligations to keep your personal data safe and secure very seriously. Within DataMixx, access to your personal information is strictly controlled on a ‘need to know’ basis. Staff members are only allowed access to your personal data if they have been sufficiently trained in data handling. We have specific technical controls in place to restrict access and these are monitored regularly.
Where is your data stored?
We store your personal information in an Amazon Web Service cloud environment located in the European Economic Area (EEA). We do not transfer your data to any country that outside this area.
Your rights in controlling how we use your data
Under data protection law you have rights regarding how we process your data. Please use the contact details at the beginning of this policy to exercise any of the rights below:
Your right of access
You have the right to ask us for copies of your personal information. This right always applies. There are some exemptions, which means you may not always receive all the information we process. You can read more about this right here.
Your right to rectification
You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete. This right always applies. You can read more about this right here.
Your right to erasure
You have the right to ask us to erase your personal information in certain circumstances. You can read more about this right here.
Your right to restriction of processing
You have the right to ask us to restrict the processing of your information in certain circumstances. You can read more about this right here.
Your right to object to processing
You have the right to object to processing if we are able to process your information because the process forms part of our public tasks, or is in our legitimate interests. You can read more about this right here.
Your right to data portability
This only applies to information you have given us. You have the right to ask that we transfer the information you gave us from one organisation to another, or give it to you. You can read more about this right here.
You are not required to pay any charge for exercising your rights. We have one month to respond to you.
You also have the right to complain to the Information Commissioner’s Office whose address is Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.
Data Protection Officer
The contact details of our Data Protection Officer:
DQM GRC Limited
DQM GRC House
Baker Street
High Wycombe
HP11 2RX
Email
Tel: 01494 435464
Updating this Privacy Policy
We keep this Privacy Policy under regular review. This policy was last reviewed in March 2020.
